Hello! I´ve issues accessing disneyplus.com with web filtering enabled. The site is working, but when trying to register or login, nothing happens, except a spinning circle. However, allowing the specific client to access anything without web filtering…

Anyone else have this issue? community. sophos .com shows up in web filter logs BUT support.sophos.com and www.sophos.com don't. Why is SFOS hiding these logs? I thought it might be some exception but that doesn't seem to be the case.

Hello, We have the problem that users who work from home and only have an IPV6 address cannot use the WAF rules and web server access. Can we allow "any IPV6"? "any IPV4" is allowed. What would be the best approach here? Thank You!

Good day we have configured Web filtering to block peer to peer and torrents... but we still can access the Pirate bay website.. I have also added a category to block the urls , but we still can access the sites.. we tryed opening on private browser…

Hi there, we want to open the url: https://procurement.cern.ch and get the error: 502 Bad Gateway. If I open the URL without our firewall ( at home...) the website will open ! So the problem is our Firewall with SFOS 20.0.0 GA Build 222. I also…

Hi there, is it possible to create an exception for a filetype that should be allowed on a specific website only? We have a webpolicy, that restricts filetypes based on file type category. We want to allow one of that types for a certain website.…

Hi, I need advice how to Deny Direct IP access from browser. So, it only allow access by domain-name. How it done through Sophos Firewall configuration rule? I use Sophos XG 310, SFOS v20.0 Thanks

Hi everyone, is it possible to disable logging for specific (url) categories? For example disable logging for Health & Medicines Financial services I'm new to sophos firewalls and as far as I know it's only possible to add one web policy to…

Hello, I have set up an XGS136 SFOS 20.0.0 at an customer with an OnPrem Exchange 2016, of course set it up with MTA Mode / Reverse Proxy (Thanks for the 1MB Size Limit that is forbidden to edit...) and I am facing issues to set up Quarantine Digests…

Using Web Server Protection, I want a web server to only be reachable from some IP lists or IP host groups. How can I achieve this? In Access permission , Allowed client networks , it seems that I can only choose individual IP hosts of networks. Am…

Hi! We're using web category filtering with Active Directory groups. The proxy logs show that sometimes the user's devices are authenticating on proxy instead of user. The access rights are set to the users, not the devices. Because of this the proxy…

I'm struggling to block access to the WAF, I am trying to block all but Cloudflare IP ranges from accessing the WAF however there is still traffic hitting the WAF from non cloudflare IP's. If you are a non cloudflare IP then you get a forbidden page instead…

We just had a PCI compliance scan and we failed because HTST wasn't enabled. Looking through everything HTST is enabled on all of our Web Server Protection rules including the default one. The PCI scanning company said the server replying is using apache…

Hi all! I hope this is just a small question and easy to answer. We have a XGS 2300 with SFOS v20 deployed and we use it as our snmp proxy. We get a lot of mails from "spameri @ tiscali.it" which are rightfully rejected. Now, I would like to set up…

Hi all, I have multiple Domains mananged in my LAN. Sophos XGS3300 protects that mails. Now I want only one internal domain to use a smarthost for outgoing mail. All other domains should proceed directly via MX. How to manage that? Mail Policies…

Hello together, i have the issue that some Websites like https://www.mediamarkt.de , https://www.poco.de , https://moemax.de are disconnecting the TCP Stream when our Sophos Firewall is running TLS Decryption against them. Once the TLS Decryption…

Hi there, I have a single static public IP that I'm using for SSL VPN incoming connections and for exposing a host (PBX) along with the following services: 80, 443, 5060, 5061, and RTP range 9999-15000. The PBX manufacturer provides a DNS service…

I'm getting an error on a URL with WAF for Static URL Hardening. I've added an exception but still getting the same error. What am I missing?

Hi community Please i have this issue for our customers, we migrated from UTM9 under SG135 series to new series XGS136W before we start you can find current configuration. Appliance are connected to ISP Modem (Router) via port 2(WAN) Port 1…

Hello, I am experiencing an issue with the Sophos XGS firewall on the latest firmware. The issue is with the Email application; specifically, incoming mail from the MailGun service is marked as b ounce+7bbc1d.e9c62-admin=acme.com . It happens that…

Can anyone help figure out what to let through the web filter to get the onvue proctored exam streaming software to work through an XG210? On the test connection it is failing everytime on the video streaming check. When I look in the firewall logs…

Hello, as from here I can configure "Require sender email domains" to enforce TLS negotiation ( whitelisting ). Beside this I can configure "Skip TLS negotiation" ( blacklisting ). For compliance and legal reason I need to configure TLS negotiation…

Hi folks, a while ago I had issues with SASI not logging all iMaps traffic. The issue has been partially resolved by changing firewall mail rules. A new issue is I receive over 1000 spam messages a day from the same sites via the mail post office…

Hi, I would like to setup a Webserver protection using the WebServer and HTTPS to the Sophos FW, but behind the Firewal, I want to use HTTP. Could anyone tell me how to setup that? I can see how to setup for HTTPS, but I am not sure how to send it using…

This is partly a question, partly a what's other peoples experience with this Doing some heavy speedtest loads on an XGS136 and an XG 135 and while both units with TLS inspection on will do 800mbps+ on the download they will only do 190mbps(XGS136)…